2135 matches found

Atlassian · added 2023/12/14 7:45 a.m. · 35 views

Request Smuggling org.apache.tomcat:tomcat-catalina Dependency in Bamboo Data Center and Server

This High severity org.apache.tomcat:tomcat-catalina Dependency vulnerability was introduced in versions 9.2.1, 9.3.0, and 9.4.0 of Bamboo Data Center and Server. This org.apache.tomcat:tomcat-catalina Dependency vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of...

CVSS 7.5 · AI score 6.7 · EPSS 0.53163 · Exploits 0
Hacker One · added 2023/12/11 3:45 a.m. · 50 views

Internet Bug Bounty: Possibility of Request smuggling attack

A vulnerability in Apache Tomcat allowed request smuggling due to incorrect parsing of HTTP trailer headers. A specially crafted trailer header exceeding the size limit could cause Tomcat to treat a single request as multiple requests, enabling request smuggling attacks when behind a reverse prox...

AI score 6.9 · Exploits 0
Positive Technologies · added 2023/12/10 12:00 a.m. · 3 views

PT-2023-31567 · Caddy · Caddy-Geo-Ip

Name of the Vulnerable Software and Affected Versions: caddy-geo-ip versions 0.6.0 and earlier for Caddy 2 Description: The issue allows attackers to spoof their source IP address via an X-Forwarded-For header, which may bypass a protection mechanism, such as the trusted proxy directive in revers...

CVSS 6.5 · AI score 6.2 · EPSS 0.00091 · Exploits 0 · References 12
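The caddy-geo-ip entry above is one instance of a general reverse-proxy mistake: acting on X-Forwarded-For no matter who sent it. The Go program below is an added example, not code from caddy-geo-ip or Caddy, of the usual correct handling: the header is honoured only when the direct TCP peer is a configured trusted proxy, and it is walked from the right so that the answer is the first hop a trusted proxy did not add. The trusted ranges, peer addresses and header values are constructed for the example.

```go
package main

import (
	"fmt"
	"net"
	"net/netip"
	"strings"
)

// trustedProxies holds the CIDR ranges of proxies allowed to add X-Forwarded-For
// entries. Constructed for this example; a real deployment lists its own
// load-balancer or CDN egress ranges here.
var trustedProxies = mustPrefixes("10.0.0.0/8", "127.0.0.1/32")

func mustPrefixes(cidrs ...string) []netip.Prefix {
	out := make([]netip.Prefix, 0, len(cidrs))
	for _, c := range cidrs {
		out = append(out, netip.MustParsePrefix(c))
	}
	return out
}

func isTrusted(ip netip.Addr, trusted []netip.Prefix) bool {
	for _, p := range trusted {
		if p.Contains(ip) {
			return true
		}
	}
	return false
}

// naiveClientIP is the spoofable pattern: whenever X-Forwarded-For is present,
// its leftmost entry wins, no matter who sent the header.
func naiveClientIP(remoteAddr, xff string) string {
	if xff != "" {
		return strings.TrimSpace(strings.Split(xff, ",")[0])
	}
	host, _, _ := net.SplitHostPort(remoteAddr)
	return host
}

// clientIP returns the address an access rule should act on. X-Forwarded-For is
// consulted only when the direct TCP peer is a trusted proxy; its entries are
// walked right to left (nearest hop first), skipping our own proxies, and the
// first address that is not a trusted proxy is the client. Entries to the left
// of that, which the client could have supplied itself, are ignored.
func clientIP(remoteAddr, xff string, trusted []netip.Prefix) (string, error) {
	host, _, err := net.SplitHostPort(remoteAddr)
	if err != nil {
		return "", err
	}
	peer, err := netip.ParseAddr(host)
	if err != nil {
		return "", err
	}
	if xff == "" || !isTrusted(peer, trusted) {
		return peer.String(), nil
	}
	hops := strings.Split(xff, ",")
	client := peer
	for i := len(hops) - 1; i >= 0; i-- {
		addr, err := netip.ParseAddr(strings.TrimSpace(hops[i]))
		if err != nil {
			// a trusted proxy never emits junk here; fail closed instead of guessing
			return "", fmt.Errorf("malformed X-Forwarded-For entry %q", hops[i])
		}
		client = addr
		if !isTrusted(addr, trusted) {
			break
		}
	}
	return client.String(), nil
}

func main() {
	// An attacker connecting directly claims to be localhost.
	fmt.Println(naiveClientIP("198.51.100.7:4444", "127.0.0.1"))            // 127.0.0.1: spoof accepted
	fmt.Println(clientIP("198.51.100.7:4444", "127.0.0.1", trustedProxies)) // 198.51.100.7
	// The same claim arriving through a trusted proxy that appended the real peer.
	fmt.Println(clientIP("10.0.0.5:4444", "127.0.0.1, 198.51.100.7", trustedProxies)) // 198.51.100.7
}
```

The check worth running against a real deployment is the first case in main: connect directly, not through the proxy, send a forged X-Forwarded-For, and confirm the rule still sees your real address.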
Tenable Nessus · added 2023/12/06 12:00 a.m. · 6 views

Apache Tomcat 9.0.0-M1 < 9.0.83 Request Smuggling

The version of Apache Tomcat installed on the remote host is 8.5.x to 8.5.95, 9.0.0-M1 to 9.0.82 or 10.1.0-M1 to 10.1.15. It is, therefore, affected by a request smuggling vulnerability. Tomcat did not correctly parse HTTP trailer headers. A specially crafted trailer header that exceeded the head...

CVSS 7.5 · AI score 7.3 · EPSS 0.53163 · Exploits 0 · References 2
Tenable Nessus · added 2023/12/06 12:00 a.m. · 9 views

Apache Tomcat 8.5.x < 8.5.96 Request Smuggling

The version of Apache Tomcat installed on the remote host is 8.5.x to 8.5.95, 9.0.0-M1 to 9.0.82 or 10.1.0-M1 to 10.1.15. It is, therefore, affected by a request smuggling vulnerability. Tomcat did not correctly parse HTTP trailer headers. A specially crafted trailer header that exceeded the head...

CVSS 7.5 · AI score 7.3 · EPSS 0.53163 · Exploits 0 · References 2
Ubuntu · added 2023/12/05 1:12 p.m. · 59 views

USN-6530-1: HAProxy vulnerability

It was discovered that HAProxy incorrectly handled URI components containing the hash character (#). A remote attacker could possibly use this issue to obtain sensitive information, or to bypass certain path_end rules...

CVSS 8.2 · AI score 6.9 · EPSS 0.00027 · Exploits 0
NVD · added 2023/12/04 9:15 p.m. · 10 views

CVE-2023-47633

Traefik is an open source HTTP reverse proxy and load balancer. The traefik docker container uses 100% CPU when it serves as its own backend, which is an automatically generated route resulting from the Docker integration in the default configuration. This issue has been addressed in versions...

CVSS 7.5 · EPSS 0.00833 · Exploits 1 · References 3
AlpineLinux · added 2023/12/04 9:15 p.m. · 18 views

CVE-2023-47633

Traefik is an open source HTTP reverse proxy and load balancer. The traefik docker container uses 100% CPU when it serves as its own backend, which is an automatically generated route resulting from the Docker integration in the default configuration. This issue has been addressed in versions...

CVSS 7.5 · AI score 6.9 · EPSS 0.00833 · Exploits 1
AlpineLinux · added 2023/12/04 9:15 p.m. · 32 views

CVE-2023-47106

Traefik is an open source HTTP reverse proxy and load balancer. When a request is sent to Traefik with a URL fragment, Traefik automatically URL encodes and forwards the fragment to the backend server. This violates RFC 7230 because in the origin-form the URL should only contain the absolute path...

AI score 6.9 · EPSS 0.00128 · Exploits 1
NVD · added 2023/12/04 9:15 p.m. · 9 views

CVE-2023-47106

Traefik is an open source HTTP reverse proxy and load balancer. When a request is sent to Traefik with a URL fragment, Traefik automatically URL encodes and forwards the fragment to the backend server. This violates RFC 7230 because in the origin-form the URL should only contain the absolute path...

CVSS 6.5 · EPSS 0.00128 · Exploits 1 · References 4
Prion · added 2023/12/04 9:15 p.m. · 16 views

Improper access control

Traefik is an open source HTTP reverse proxy and load balancer. When a request is sent to Traefik with a URL fragment, Traefik automatically URL encodes and forwards the fragment to the backend server. This violates RFC 7230 because in the origin-form the URL should only contain the absolute path...

CVSS 6.4 · AI score 6.9 · EPSS 0.00128 · Exploits 1 · References 4 · Affected Software 1
CVE · added 2023/12/04 8:36 p.m. · 385 views

CVE-2023-47633

CVE-2023-47633 affects the Traefik Docker image when it serves as its own backend, triggered by an automatically generated route from Docker integration in default configuration. The issue causes 100% CPU usage, leading to a denial of service-like impact on the affected instance. The vulnerabilit...

CVSS 7.5 · AI score 7.5 · EPSS 0.00833 · Exploits 1 · References 3 · Affected Software 1
OSV · added 2023/12/04 8:36 p.m. · 15 views

CVE-2023-47633 Uncontrolled Resource Consumption in Traefik

Traefik is an open source HTTP reverse proxy and load balancer. The traefik docker container uses 100% CPU when it serves as its own backend, which is an automatically generated route resulting from the Docker integration in the default configuration. This issue has been addressed in versions...

CVSS 7.5 · AI score 6.8 · EPSS 0.00833 · Exploits 1 · References 5
Cvelist · added 2023/12/04 8:36 p.m. · 15 views

CVE-2023-47633 Uncontrolled Resource Consumption in Traefik

Traefik is an open source HTTP reverse proxy and load balancer. The traefik docker container uses 100% CPU when it serves as its own backend, which is an automatically generated route resulting from the Docker integration in the default configuration. This issue has been addressed in versions...

CVSS 7.5 · AI score 7.6 · EPSS 0.00833 · Exploits 1 · References 3
CVE · added 2023/12/04 8:26 p.m. · 381 views

CVE-2023-47106

Traefik vulnerability CVE-2023-47106: when a request contains a URL fragment, Traefik URL-encodes and forwards the fragment to the backend, violating RFC 7230 (origin-form should only have path and query). In a setup with a frontend proxy like Nginx, this can bypass URI-based access controls. Add...

CVSS 6.5 · AI score 5.8 · EPSS 0.00128 · Exploits 1 · References 4 · Affected Software 1
OSV · added 2023/12/04 8:26 p.m. · 20 views

CVE-2023-47106 Incorrect processing of fragment in the URL leads to Authorization Bypass in Traefik

Traefik is an open source HTTP reverse proxy and load balancer. When a request is sent to Traefik with a URL fragment, Traefik automatically URL encodes and forwards the fragment to the backend server. This violates RFC 7230 because in the origin-form the URL should only contain the absolute path...

CVSS 4.8 · AI score 6.6 · EPSS 0.00128 · Exploits 1 · References 6
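The HAProxy advisory (USN-6530-1) and CVE-2023-47106 in the entries above come down to the same mismatch: a frontend applies its path rules to the request-target up to the '#', while what is forwarded still carries the bytes after it. The Go program below is an added illustration of that class and is not Traefik's, HAProxy's or Nginx's code. It models a frontend that decides on the part before '#', a forwarder that re-serialises a request line parsed with Go's url.ParseRequestURI (which keeps '#' inside the path, so it is forwarded as %23), and an upstream that percent-decodes and dot-normalises the path before routing. The hardened forwarder either refuses a '#' outright or forwards only the RFC 7230 origin-form, path and query. The request-target /#/../admin, the deny-/admin rule and the upstream behaviour are constructed for the example.

```go
package main

import (
	"errors"
	"fmt"
	"net/url"
	"path"
	"strings"
)

var (
	ErrFragmentInTarget = errors.New("request-target contains '#'")
	ErrNotOriginForm    = errors.New("request-target is not origin-form")
)

// frontendDecisionPath models a frontend proxy that applies its path rules to
// the request-target up to the first '#' (and before any '?'). Constructed for
// the example; it is not any particular product's parser.
func frontendDecisionPath(rawTarget string) string {
	p, _, _ := strings.Cut(rawTarget, "#")
	p, _, _ = strings.Cut(p, "?")
	return p
}

// denyAdmin is the frontend's access rule for the example: block /admin.
func denyAdmin(decisionPath string) bool {
	return strings.HasPrefix(path.Clean(decisionPath), "/admin")
}

// naiveForwardTarget shows what happens when a Go proxy parses the request line
// with url.ParseRequestURI, which (unlike url.Parse) keeps a '#' inside Path,
// and re-serialises it: the '#' becomes %23 and everything after it is forwarded.
func naiveForwardTarget(rawTarget string) (string, error) {
	u, err := url.ParseRequestURI(rawTarget)
	if err != nil {
		return "", err
	}
	return u.RequestURI(), nil
}

// upstreamResolvedPath models an upstream that percent-decodes the forwarded
// path and normalises dot segments before routing, as many frameworks do.
func upstreamResolvedPath(forwarded string) (string, error) {
	u, err := url.ParseRequestURI(forwarded)
	if err != nil {
		return "", err
	}
	return path.Clean(u.Path), nil
}

// safeForwardTarget forwards only the RFC 7230 origin-form: absolute path plus
// query, never a fragment. With reject=true any '#' in the target is refused
// outright, the stricter option when a frontend in front of us may have decided
// on a different view of the same bytes.
func safeForwardTarget(rawTarget string, reject bool) (string, error) {
	if reject && strings.Contains(rawTarget, "#") {
		return "", ErrFragmentInTarget
	}
	if !strings.HasPrefix(rawTarget, "/") || strings.HasPrefix(rawTarget, "//") {
		return "", ErrNotOriginForm
	}
	u, err := url.Parse(rawTarget) // url.Parse splits the fragment off into u.Fragment
	if err != nil {
		return "", err
	}
	return u.RequestURI(), nil // path and query only; u.Fragment is never serialised
}

func main() {
	raw := "/#/../admin"
	fmt.Println("frontend decides on", frontendDecisionPath(raw), "denied:", denyAdmin(frontendDecisionPath(raw)))
	fwd, _ := naiveForwardTarget(raw)
	resolved, _ := upstreamResolvedPath(fwd)
	fmt.Println("naive forward:", fwd, "-> upstream routes", resolved)
	safe, err := safeForwardTarget(raw, true)
	fmt.Println("strict forward:", safe, err)
	safe, err = safeForwardTarget(raw, false)
	fmt.Println("lenient forward:", safe, err)
}
```

Whether a given frontend really stops at '#' and whether a given upstream normalises '..' both vary by product and version; the point of the example is that the forwarding hop is the one place that can guarantee both sides judge the same bytes, by refusing to pass on anything it did not itself evaluate.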
CVE · added 2023/12/04 8:20 p.m. · 383 views

CVE-2023-47124

CVE-2023-47124 describes a DoS vector in Traefik when using HTTPChallenge to obtain/renew Let’s Encrypt TLS certificates: the 50-second delay allowed solving the challenge can be abused for a slowloris-style attack. Public details in the initial document specify impacts as a server availability r...

CVSS 5.9 · AI score 5.8 · EPSS 0.00227 · Exploits 0 · References 8 · Affected Software 1
Fedora · added 2023/12/02 1:10 a.m. · 26 views

[SECURITY] Fedora 37 Update: golang-github-openprinting-ipp-usb-0.9.23-5.fc37

HTTP reverse proxy, backed by an IPP-over-USB connection to the device. It enables driverless support for USB devices capable of using the IPP-over-USB protocol...

CVSS 5.3 · AI score 7.3 · EPSS 0.00331 · Exploits 0
OpenVAS · added 2023/12/02 12:00 a.m. · 18 views

Fedora: Security Advisory for golang-github-openprinting-ipp-usb (FEDORA-2023-ce2836acfa)

The remote host is missing an update for the 'golang-github-openprinting-ipp-usb' package(s) announced via the FEDORA-2023-ce2836acfa advisory...

CVSS 5.3 · AI score 7.1 · EPSS 0.00331 · Exploits 0 · References 2
RedhatCVE · added 2023/11/29 9:26 a.m. · 178 views

CVE-2023-46589

An improper input validation flaw was found in Apache Tomcat due to incorrect parsing of HTTP trailer headers. A trailer header that exceeded the header size limit could cause Tomcat to treat a single request as multiple requests, leading to the possibility of request smuggling when behind a...

CVSS 7.5 · AI score 7.5 · EPSS 0.53163 · Exploits 0 · References 5
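The four Tomcat entries on this page (the HackerOne report, the two Nessus plugins and CVE-2023-46589) describe one failure mode: a parser that gives up on an oversized trailer section but leaves the connection open, so the unread remainder of the trailer is parsed as the next request. The Go program below is an added, deliberately minimal HTTP/1.1 reader written to show that failure mode; it is not Tomcat's code and does not reproduce Tomcat's parser. It reads pipelined requests from one byte stream, handles chunked bodies under a trailer-size budget, and can either close the connection on a body or trailer parse error (the correct behaviour) or keep reading (the bug class). The stream, hostnames and the 64-byte limit are constructed for the example.

```go
package main

import (
	"bytes"
	"errors"
	"fmt"
	"strconv"
	"strings"
)

var ErrBadRequest, ErrTooLarge = errors.New("malformed request"), errors.New("line not terminated within limit")

type conn struct{ buf []byte; pos int } // one keep-alive TCP connection, modelled as a byte stream

// readLine consumes through the next CRLF, looking at most limit bytes ahead. With no CRLF in
// range it consumes those bytes and returns ErrTooLarge, leaving the reader parked mid-line.
func (c *conn) readLine(limit int) (string, error) {
	rest := c.buf[c.pos:]
	if len(rest) > limit {
		rest = rest[:limit]
	}
	if i := bytes.Index(rest, []byte("\r\n")); i >= 0 {
		c.pos += i + 2
		return string(rest[:i]), nil
	}
	c.pos += len(rest)
	return "", ErrTooLarge
}
// readHeaders walks header (or trailer) lines up to the blank line within budget bytes in total.
func (c *conn) readHeaders(budget int) (chunked bool, err error) {
	end := c.pos + budget
	for {
		line, err := c.readLine(end - c.pos)
		if err != nil || line == "" {
			return chunked, err
		}
		chunked = chunked || strings.EqualFold(line, "Transfer-Encoding: chunked")
	}
}
// skipChunkedBody walks the chunks (data not kept, extensions unsupported), then the trailers.
func (c *conn) skipChunkedBody(maxTrailer int) error {
	for {
		line, err := c.readLine(1024)
		if err != nil {
			return err
		}
		size, err := strconv.ParseInt(line, 16, 32)
		if err != nil || size < 0 {
			return ErrBadRequest
		}
		if size == 0 {
			_, err = c.readHeaders(maxTrailer)
			return err
		}
		if c.pos += int(size) + 2; c.pos > len(c.buf) { // chunk data plus its CRLF
			return ErrBadRequest
		}
	}
}
// readRequest parses request line, headers and a chunked body; Content-Length bodies are omitted.
func (c *conn) readRequest(maxTrailer int) (string, error) {
	line, err := c.readLine(8192)
	if err != nil {
		return "", err
	}
	parts := strings.Split(line, " ")
	if len(parts) != 3 {
		return "", ErrBadRequest
	}
	chunked, err := c.readHeaders(8192)
	if err == nil && chunked {
		err = c.skipChunkedBody(maxTrailer)
	}
	return parts[0] + " " + parts[1], err
}

// serveConnection drains a keep-alive connection. closeOnError=false is the bug class in the
// advisories: after a body or trailer parse error the server keeps reading from wherever the
// reader stopped, so the unread tail of the oversized trailer is served as its own request.
func serveConnection(stream []byte, maxTrailer int, closeOnError bool) (served []string, errs []error) {
	c := &conn{buf: stream}
	for c.pos < len(c.buf) {
		if req, err := c.readRequest(maxTrailer); err == nil {
			served = append(served, req)
		} else if errs = append(errs, err); closeOnError {
			break
		}
	}
	return served, errs
}

// attackStream is a constructed pipelined stream: a benign GET, then a chunked POST whose trailer
// section is padded to exactly 64 bytes, so a 64-byte trailer limit is hit right before "GET /admin".
var attackStream = []byte("GET /health HTTP/1.1\r\nHost: app.internal\r\n\r\n" +
	"POST /upload HTTP/1.1\r\nHost: app.internal\r\nTransfer-Encoding: chunked\r\n\r\n5\r\nhello\r\n0\r\n" +
	"X-Pad: " + strings.Repeat("A", 55) + "\r\n" + "GET /admin HTTP/1.1\r\nHost: app.internal\r\n\r\n")

func main() {
	fmt.Println(serveConnection(attackStream, 64, false)) // fail open: [GET /health GET /admin] plus one error
	fmt.Println(serveConnection(attackStream, 64, true))  // fail closed: [GET /health] plus one error
}
```

Against a patched server the check is the second line of main: a request whose trailer section exceeds the limit must produce a single error response followed by connection close, never a second response that answers bytes from inside the trailer.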